Static routing table does not match across cluster members-radware-alteon-os

error
high-availability
alteon-os
radware
Static routing table does not match across cluster members-radware-alteon-os
0

#1

Static routing table does not match across cluster members-radware-alteon-os

Vendor: radware

OS: alteon-os

Description:
Indeni will identify when two devices are part of a cluster and alert if their static routing tables are different.

Remediation Steps:
Ensure the static routing table matches across devices in a cluster.

How does this work?
This alert uses the Radware API to extract the configured routes for the device by running /config/IpCurCfgStaticRouteTable.

Why is this important?
It is important that the routing is configured the same for all cluster members of the same cluster. Otherwise there can be downtime in the event of a failover.

Without Indeni how would you find this?
An administrator could log into the device and run a CLI command or view the static routes over the GUI. However, they would have to manually compare the routing tables of each device to ensure that the cluster does not have any mismatches.

radware-api-config-ipCurCfgStaticRouteTable

#! META
name: radware-api-config-ipCurCfgStaticRouteTable
description: Retrieve the static IP addresses.
type: monitoring
monitoring_interval: 10 minute 
requires:
    os.name: "alteon-os"
    vendor: "radware"
    or:
        -
            vsx: "true"
        -
            standalone: "true"
#! COMMENTS
static-routing-table:
    why: |
        It is important that the routing is configured the same for all cluster members of the same cluster. Otherwise there can be downtime in the event of a failover.
    how: |
        This alert uses the Radware API to extract the configured routes for the device by running /config/IpCurCfgStaticRouteTable.
    without-indeni: |
        An administrator could log into the device and run a CLI command or view the static routes over the GUI. However, they would have to manually compare the routing tables of each device to ensure that the cluster does not have any mismatches.
    can-with-snmp: true
    can-with-syslog: false

#! REMOTE::HTTP
url: /config/IpCurCfgStaticRouteTable
protocol: HTTPS

#! PARSER::JSON
_vars:
    root: IpCurCfgStaticRouteTable
    name: Indx
_metrics:
    -
        _groups:
            ${root}:
                _tags:
                    "im.name":
                        _constant: "static-routing-table"                    
                    "live-config":
                        _constant: "true"
                    "display-name":
                        _constant: "Static Routes"
                    "im.dstype.displayType":
                        _constant: "string"
                    "im.identity-tags":
                        _constant: "name"
                    "name":
                        _value: ${name}
                _value.complex:
                    "next-hop":
                        _value: Gateway
                    "mask":
                        _value: Mask
                    "network":
                        _value: DestIp
        _value: complex-array

static_routing_table_comparison_non_vsx

package com.indeni.server.rules.library.templatebased.crossvendor

import com.indeni.server.common.data.conditions.{Equals => DataEquals}
import com.indeni.server.rules.RuleContext
import com.indeni.server.rules.library._

/**
  *
  */
case class static_routing_table_comparison_non_vsx(context: RuleContext) extends SnapshotComparisonTemplateRule(context,
  ruleName = "static_routing_table_comparison_non_vsx",
  ruleFriendlyName = "Clustered Devices (Non-VS): Static routing table does not match across cluster members",
  ruleDescription = "Indeni will identify when two devices are part of a cluster and alert if their static routing tables are different.",
  metricName = "static-routing-table",
  isArray = true,
  metaCondition = !DataEquals("vsx", "true"),
  baseRemediationText = "Ensure the static routing table matches across devices in a cluster.",
  alertDescription = "Devices that are part of a cluster must have the same static routing tables. Review the differences below.\n\nThis alert was added per the request of <a target=\"_blank\" href=\"http://il.linkedin.com/pub/itzik-assaraf/2/870/1b5\">Itzik Assaraf</a> (Leumi Card)."
  )(
  ConditionalRemediationSteps.VENDOR_CP -> "Use the \"show configuration\" command in clish to compare the calls to \"set static-route\".",
  ConditionalRemediationSteps.OS_NXOS ->
    """|
      |1. Execute the "show ip route static" command to display the current contents of the  static routes installed to the routing table.
      |2. Compare the static route config between the peer switches with the show run | i "ip route" command
      |NOTE: The static routes configured between the peer switches may be different in case of orphan devices without need of redundancy between the vPC peer switches
      |3. For more information please review the next Cisco configuration guide:
      |https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/unicast/configuration/guide/l3_cli_nxos/l3_route.html
    """.stripMargin
)
{override val deviceCondition = generateDevicePassiveAndPassiveLinkStateCondition(context.tsDao)}


case class static_routing_table_comparison_vsx(context: RuleContext) extends SnapshotComparisonTemplateRule(context,
  ruleName = "static_routing_table_comparison_vsx",
  ruleFriendlyName = "Clustered Devices (VS): Static routing table does not match across cluster members",
  ruleDescription = "Indeni will identify when two devices are part of a cluster and alert if their static routing tables are different.",
  metricName = "static-routing-table",
  isArray = true,
  descriptionMetricTag = "vs.name",
  metaCondition = DataEquals("vsx", "true"),
  alertDescription = "Devices that are part of a cluster must have the same static routing tables. Review the differences below.\n\nThis alert was added per the request of <a target=\"_blank\" href=\"http://il.linkedin.com/pub/itzik-assaraf/2/870/1b5\">Itzik Assaraf</a> (Leumi Card).",
  baseRemediationText = "Ensure the static routing table matches across devices in a cluster.")(
  ConditionalRemediationSteps.VENDOR_CP -> "Use the \"show configuration\" command in clish to compare the calls to \"set static-route\".",
  ConditionalRemediationSteps.OS_NXOS ->
    """|
       |1. Execute the "show ip route static" command to display the current contents of the  static routes installed to the routing table.
       |2. Compare the static route config between the peer switches with the show run | i "ip route" command
       |NOTE: The static routes configured between the peer switches may be different in case of orphan devices without need of redundancy between the vPC peer switches
       |3. For more information please review the next Cisco configuration guide:
       |https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/unicast/configuration/guide/l3_cli_nxos/l3_route.html
    """.stripMargin
)
{override val deviceCondition = generateDevicePassiveAndPassiveLinkStateCondition(context.tsDao)}